<?php

namespace Admin\Controller;
use Common\Controller\AdminbaseController;
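class PublicController extends AdminbaseController {

    /**
     * Controller bootstrap hook.
     *
     * Reads the cached value stored under "sp_dynamic_config" and hands it
     * to C() so the dynamic configuration is loaded for this request.
     */
    public function _initialize() {
        C(S('sp_dynamic_config'));
    }

    /**
     * Renders the back-office login form.
     *
     * - An already authenticated admin (session key ADMIN_ID) is sent to the
     *   admin index.
     * - When SP_SITE_ADMIN_URL_PASSWORD is configured, the form is shown only
     *   if the session value __SP_UPW__ matches it; otherwise the visitor is
     *   redirected to the site root.
     * - On success a session flag is set that dologin() later requires.
     */
    public function login() {
        $admin_id = session('ADMIN_ID');
        if (!empty($admin_id)) {
            redirect(U("admin/index/index"));
            return; // do not depend on redirect() terminating the request
        }

        $site_admin_url_password = C("SP_SITE_ADMIN_URL_PASSWORD");
        $upw = session("__SP_UPW__");

        // Strict string comparison: a loose != lets PHP type juggling treat
        // unequal values as equal (e.g. boolean true or "0e..."-style numeric
        // strings), which would open the gate without the real secret.
        $upw_matches = is_scalar($upw)
            && (string)$upw === (string)$site_admin_url_password;

        if (!empty($site_admin_url_password) && !$upw_matches) {
            redirect(__ROOT__ . "/");
            return;
        }

        session("__SP_ADMIN_LOGIN_PAGE_SHOWED_SUCCESS__", true);
        $this->display(":login");
    }

    /**
     * Ends the admin session and redirects to the admin entry point.
     *
     * Every identity/authorization key written by dologin() is cleared, not
     * only ADMIN_ID, so no department or role data from the previous login
     * stays behind in the session.
     */
    public function logout() {
        session('ADMIN_ID', null);
        session('deptid', null);
        session('name', null);
        session('Role', null);
        redirect(__ROOT__ . "/admin");
    }

    /**
     * Processes the submitted login form.
     *
     * Flow: require the "login page shown" session flag, validate that the
     * username and password are non-empty strings, look the account up by
     * e-mail (when the name contains "@" after its first character) or by
     * login name, verify the password with sp_compare_password(), require a
     * department role for every account except id 1, then establish the
     * session, record the login IP/time and set the "admin_username" cookie.
     *
     * NOTE(review): no attempt limiting, lockout or captcha is visible in
     * this method; confirm that one is enforced elsewhere.
     * NOTE(review): unknown user and wrong password produce different
     * messages, which tells a client which accounts exist; consider a single
     * generic failure message.
     */
    public function dologin() {
        $login_page_showed_success = session("__SP_ADMIN_LOGIN_PAGE_SHOWED_SUCCESS__");
        if (!$login_page_showed_success) {
            $this->error('login error!');
            return; // every failure path returns explicitly instead of
                    // assuming error() ends the request
        }

        // Request parameters can arrive as arrays; only plain strings are
        // accepted so an array never reaches strpos() or the where() clause.
        $name = I("post.username");
        if (empty($name) || !is_string($name)) {
            $this->error(L('USERNAME_OR_EMAIL_EMPTY'));
            return;
        }

        $pass = I("post.password");
        if (empty($pass) || !is_string($pass)) {
            $this->error(L('PASSWORD_REQUIRED'));
            return;
        }

        $user = D("Common/Users");

        $where = array();
        if (strpos($name, "@") > 0) {
            // Looks like an e-mail address: match on the e-mail column.
            $where['user_email'] = $name;
        } else {
            $where['user_login'] = $name;
        }

        $result = $user->where($where)->find();
        if (empty($result)) {
            $this->error(L('USERNAME_NOT_EXIST'));
            return;
        }

        if (!sp_compare_password($pass, $result['user_pass'])) {
            $this->error(L('PASSWORD_NOT_RIGHT'));
            return;
        }

        // Authorization: the account's department must carry at least one
        // role. Account id 1 is exempt from this check.
        $groups = M("Department")
            ->where(array("id" => $result["department_id"]))
            ->getField("department_role", true);
        if ((int)$result["id"] !== 1 && empty($groups)) {
            $this->error("禁止登陆！");
            return;
        }

        // Issue a fresh session id before the session becomes privileged, so
        // an id that was known before authentication cannot be reused
        // afterwards (session fixation).
        if (session_id() !== '') {
            session_regenerate_id(true);
        }

        session('deptid', $result["department_id"]);
        session('ADMIN_ID', $result["id"]);
        session('name', $result["user_login"]);
        session('Role', $result["role_id"]);

        // Update only the two audit columns. Writing the whole fetched row
        // back would also rewrite user_pass and every other column with the
        // values read earlier, undoing any change made in between.
        // NOTE(review): the second argument of get_client_ip() appears to
        // enable header-based detection (forwarded-for style headers), which
        // a client can set; confirm before treating this value as audit
        // evidence.
        $user->where(array('id' => $result["id"]))->save(array(
            'last_login_ip'   => get_client_ip(0, true),
            'last_login_time' => date("Y-m-d H:i:s"),
        ));

        // Remembers the submitted login name for 30 days.
        cookie("admin_username", $name, 3600 * 24 * 30);

        $this->success(L('LOGIN_SUCCESS'), U("Index/index"));
    }

}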